Differentiate between Consensus and Cluster Headers storage

[tim-barry]

A ChainID must now be provided to Headers storage instance on creation.
That storage instance will then only be able to successfully store or retrieve headers corresponding to the correct ChainID. In addition, the height-based index will also be specific to that ChainID.

Currently, an exception is made for cluster chains: Since the ChainID changes when a new epoch begins, but collection nodes still access collections from the previous epoch/chain (to deduplicate transactions), storage instances for cluster chains are allowed to retrieve (but not store) headers from other cluster chains.
This should likely be further refactored.

Closes: #4204

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

Scanned Files

None

[codecov-commenter]

Codecov Report

❌ Patch coverage is 9.75610% with 185 lines in your changes missing coverage. Please review.

Files with missing lines	Patch %	Lines
...llection/epochmgr/mock/epoch_components_factory.go	0.00%	20 Missing ⚠️
state/protocol/badger/state.go	0.00%	20 Missing ⚠️
cmd/scaffold.go	0.00%	16 Missing ⚠️
storage/store/headers.go	37.50%	6 Missing and 4 partials ⚠️
state/protocol/util/testing.go	0.00%	9 Missing ⚠️
...ine/collection/epochmgr/factories/cluster_state.go	0.00%	8 Missing ⚠️
...ck-executed-height/cmd/rollback_executed_height.go	0.00%	5 Missing ⚠️
cmd/util/cmd/verify-evm-offchain-replay/verify.go	0.00%	5 Missing ⚠️
...d/util/cmd/exec-data-json-export/block_exporter.go	0.00%	4 Missing ⚠️
...d/exec-data-json-export/delta_snapshot_exporter.go	0.00%	4 Missing ⚠️
... and 27 more

📢 Thoughts on this report? Let us know!

[durkmurder]

I am not particularly fond of this. Seems like a workaround for a particular case, additionally we rely on the naming of the chain ID to be specific for recognizing a cluster. Additionally, I don't see that sentinel error is explained in the general interface.

I would propose next:

1. Update the API to describe newly added sentinel error.
2. Avoid any specific workarounds for specific chain IDs and just return a sentinel if there is a wrong chain. The user of the interface needs to deal with this on his own but not rely on the implementation detail of the storage layer.

[jordanschalm]

+1 - See my comment here https://github.com/onflow/flow-go/pull/8222/files#r2608027971, I think we can remove the problematic part of this.

[jordanschalm]

Did you want to address this TODO in this PR?

[jordanschalm]

We should handle the error from IsBootstrapped

[jordanschalm]

document expected errors here

[jordanschalm]

document expected errors here

[jordanschalm]

I would invert this to handle the err != nil case in the conditional (return unexpected error) and set the chain ID outside the conditional. Otherwise we are ignoring unexpected errors, which we should generally never do.

[jordanschalm]

Suggested change

	// ChainID refers to the consensus chain, from which reference blocks are used.
	//
	// Must return ErrNotAuthorizedForEpoch if this node is not authorized in the epoch.
	Create(epoch protocol.CommittedEpoch) (
	Create(epoch protocol.CommittedEpoch, chainID flow.ChainID) (
	//
	// Must return ErrNotAuthorizedForEpoch if this node is not authorized in the epoch.
	Create(epoch protocol.CommittedEpoch, consensusChainID flow.ChainID) (

[jordanschalm]

Transaction de-duplication actually does not occur across cluster and epoch boundaries.

• Each transaction is uniquely assigned to one cluster in one epoch, based on the transaction's reference block (see ingestion logic)
• Therefore, each cluster has a range of reference block heights they can accept. These ranges are equivalent to the height range of blocks within an epoch ($[FirstBlockInEpoch.Height, LastBlockInEpoch.Height]$. These ranges are consecutive and do not overlap.
  • In short, if we are considering a cluster block with reference block height $FirstBlockInEpoch.Height$, then minRefHeight is actually $FirstBlockInEpoch.Height$ (we don't need to search further back).
• We already take this into account when determining the lowest possible reference block

So I think we can remove this TODO, and remove the special-case logic in storage.Headers meant to work around this. I would also suggest adding some documentation here explaining why there is no overlap between clusters and epochs.

[jordanschalm]

+1 - See my comment here https://github.com/onflow/flow-go/pull/8222/files#r2608027971, I think we can remove the problematic part of this.

[jordanschalm]

I would suggest defining this as a method on flow.ChainID to consolidate the logic and documentation. I also think we can improve safety slightly:

• Create a new constructor NewClusterHeaders
  • NewClusterHeaders returns an error if if thinks the chain ID input is not a cluster chain
  • NewHeaders returns an error if if thinks the chain ID input is a cluster chain
  • Each constructor binds the appropriate height lookup function for the kind of header it is for. (Most of the constructor logic can go into a shared, private newHeaders function that accepts the height lookup as an argument).

I prefer this because it makes the clients expectations more explicit. If the IsClusterChain logic fails to match the constructor used, then we will error, rather than continuing in an inconsistent state.